summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog6
-rw-r--r--sshd.818
2 files changed, 21 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog
index 62fef2fc0..200ce2a08 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,6 +4,10 @@
4 [sshd_config.5] 4 [sshd_config.5]
5 Document HostbasedUsesNameFromPacketOnly. Corrections from jmc@, 5 Document HostbasedUsesNameFromPacketOnly. Corrections from jmc@,
6 ok jmc@ djm@ 6 ok jmc@ djm@
7 - dtucker@cvs.openbsd.org 2006/08/21 08:15:57
8 [sshd.8]
9 Add more detail about what permissions are and aren't accepted for
10 authorized_keys files. Corrections jmc@, ok djm@, "looks good" jmc@
7 11
820060824 1220060824
9 - (dtucker) [openbsd-compat/basename.c] Include errno.h. 13 - (dtucker) [openbsd-compat/basename.c] Include errno.h.
@@ -5306,4 +5310,4 @@
5306 - (djm) Trim deprecated options from INSTALL. Mention UsePAM 5310 - (djm) Trim deprecated options from INSTALL. Mention UsePAM
5307 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu 5311 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
5308 5312
5309$Id: ChangeLog,v 1.4511 2006/08/30 01:06:34 djm Exp $ 5313$Id: ChangeLog,v 1.4512 2006/08/30 01:07:00 djm Exp $
diff --git a/sshd.8 b/sshd.8
index 778ea906b..522279ee3 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: sshd.8,v 1.233 2006/07/19 13:07:10 dtucker Exp $ 37.\" $OpenBSD: sshd.8,v 1.234 2006/08/21 08:15:57 dtucker Exp $
38.Dd September 25, 1999 38.Dd September 25, 1999
39.Dt SSHD 8 39.Dt SSHD 8
40.Os 40.Os
@@ -681,9 +681,23 @@ rlogin/rsh.
681.It ~/.ssh/authorized_keys 681.It ~/.ssh/authorized_keys
682Lists the public keys (RSA/DSA) that can be used for logging in as this user. 682Lists the public keys (RSA/DSA) that can be used for logging in as this user.
683The format of this file is described above. 683The format of this file is described above.
684This file is not highly sensitive, but the recommended 684The content of the file is not highly sensitive, but the recommended
685permissions are read/write for the user, and not accessible by others. 685permissions are read/write for the user, and not accessible by others.
686.Pp 686.Pp
687If this file, the
688.Pa ~/.ssh
689directory, or the user's home directory are writable
690by other users, then the file could be modified or replaced by unauthorized
691users.
692In this case,
693.Nm
694will not allow it to be used unless the
695.Cm StrictModes
696option has been set to
697.Dq no .
698The recommended permissions can be set by executing
699.Dq chmod go-w ~/ ~/.ssh ~/.ssh/authorized_keys .
700.Pp
687.It ~/.ssh/environment 701.It ~/.ssh/environment
688This file is read into the environment at login (if it exists). 702This file is read into the environment at login (if it exists).
689It can only contain empty lines, comment lines (that start with 703It can only contain empty lines, comment lines (that start with